This work is licensed with a
Creative Commons Attribution 4.0 International LicenseEndFragment
This material was developed with funding
from the National Science Foundation
The hash value, or digest, is a one-way result. This means that you cannot figure out what the input
was even if you are given the output and you know the mathematical algorithm used. Additonally,
you cannot determine the input by analyzing the output or running it through another function.
The hash function generates a fixed size output called the hash value or digest. A hash algorithm, such as MD5, produces the same sized output no matter what the size of the input. The MD5 algorithm produces a 128-bit hash value for each data source.
A hash has several characteristics. The first is that given an input and a hash algorithm, the hash algorithm will always produce the same hash value as its output.
The missing period generates a different hash value for the character string
The quick brown
fox jumped over
the lazy dog
The hash process validates data integrity (meaning that the data has not changed). If the input data changes in any way, the output hash value will be different. Hashes can validate the data being transmitted or it can prove that the data was not tampered with.
click on the grinder to calculate the hash values
All hashing functions inclue a predefined mathematical operation and/or logical computations such as
Boolean logic to generate a hash digest of a fixed size.
Click on each type of hash function
>>click on each component of the hashing process
Any type of data
The mathematical or logical operation
A fixed-size numeric representation of the input’s contents
Hashing is the process of converting an input of any length using a mathematical or logical function into a fixed-sized output called a hash value or hash digest.
The secret to how the hash function generates a fixed-size digest is in the extracting of the results. This checksum function adds the binary numbers together to calculate a sum, and uses only the first eight bits as the digest. The same message digest will result every time the process is repeated.
click on password to continue
Password is ABCD
no carry over--only uses eight least significant digits
A = 0100 0001
B = 0100 0010
C = 0100 0011
D = 0100 0100
click grinder to continue
1 0000 1101 = 266
Another way to generate f fixed-size digest is to use a Boolean opeation (AND, OR, XOR). The XOR operation is the most common. Again, the message digest will always be the same when given the same input.
A complex operation rotates the data before summing the results. Each input byte rotates by one bit. The most significant bit on the left takes the least significant position on the right. All other bits shift one position to the left. Then you sum all of the bytes. The first eight bits are used as the digest.
Bob creates his password. The system hashes the password, and the message digest is what actually gets stored on the system. Bob’s actual password is NOT saved on the system.
The system stores Bob’s password as a hash. The next time he enters his password, the password gets hashed and compared to the hash stored in the authentication table. If the hashes do not match, the user is denied access.
Hash saved for G00dDog
Bob is the payroll administrator for ACME, and he is currently updating the Payroll Report. Since this file is also used by several others in the organization, Bob performs a hash on the file and saves the results. Anyone else that performs a hash on the file will receive the same hash value and knows that the file has not been changed and its integrity has been maintained.
Click Bernie to continue
Bernie sends data to Bob. Bernie’s system segments and organizes the data into data units called packets. After forming each packet, it calculates a hash based on the binary data in that packet. The hash gets appended to the packet, and the frame gets transmitted.
When Bob receives the packet, his system verifies its content using the hash appended to the data unit. If the data was corrupted during transmission, the hash values will not match. Bob’s device will request that any corrupted packet be re-transmitted. This provides for trustworthy communication and save bandwidth by only retransmitting corrupted packets instead of the entire file.
<< click on locker to open
Bernie confiscated a hard drive as evidence from a crime scene. He will use a hash function to obtain a hash digest before storing the drive in the evidence locker. When Bob, the forensic analyst, goes to begin his investigation, he will use that hash digest to ensure that this evidence has not been tampered with.